Knowing the Different Cyber-security Metrics for Optimal Security

Threat intelligence is a way of discussing the level of understanding an organization has about their cyber vulnerabilities. The primary purpose of threat intelligence is to ensure companies make informed, intelligent, and business-savvy decisions about their cyber-security.

In a recent survey taken by over 400 global business executives, over half failed to correctly evaluate the effectiveness of their cyber-security investments, and a staggering 80% said that they were not fully aware of the metrics of their company’s cyber presence and defense. An inability to make an informed decision about your businesses’ defense can lead to drastic results, regardless of whether your business is small or large. Knowing and using the correct cyber-security metrics and useful threat intelligence tools could spell a difference worth millions of dollars lost in the event of a severe breach.

Now that we see how important knowing the metrics are, let’s talk about a few that can be very important for healthy threat security measures utilizing a threat intelligence API.

MTTI / MTTC

The most important metrics to keep track of in your company are your Mean Time To Identify (MTTI) and your Mean Time To Contain (MTTC). How long does it take to identify a breach, and then how long until it is contained? These are excellent metrics for objectively quantifying the strength of your cyber-security, while also being directly and highly proportional to the cost of a given breach. The overall MTTI in 2017 was 52 days, and MTTC was 208 days. The longer a breach goes unnoticed, and the longer until it is contained, the more money your company will lose.

Third Party Access Rights

Third Party access rights are another big key of the picture when planning for optimal security. How often are third parties allowed access, and to what? How many of your business partners have strong cyber-security, and how much of your own data do they have access to? Many hackers use smaller and weaker subsystems to break into larger systems, and in all cyber situations a defense is only as strong as its weakest link.

Current Vulnerabilities

A listing or count of your currently known vulnerabilities is a key metric for discussion with your board to evaluate your progress. How many back-doors have been identified, and how many fixed? Vulnerability is an incident waiting to happen, but with proper threat intelligence tools it doesn’t have to.

Super User Access

A count of the number of high access users in your system is another metric useful in quantifying your current threat level. How many users have redundant or unneeded access? Each “super user” access level in your system constitutes another threat to be identified and secured, and every company should consider cracking down and implementing a “Least Privilege” approach to user access, where all users are given the least possible privilege as necessary for their job.

Keep Your Business Secure

Securing your business is about more than just allocating budget towards cyber-security – it’s about making sure your board is engaged and informed about the process and progress of their cyber-security investments. In the cyber-war, knowing is much more than half the battle.